From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Po Lu Newsgroups: gmane.emacs.devel Subject: Re: Making default permissions on Android more restrictive Date: Wed, 13 Sep 2023 20:34:17 +0800 Message-ID: <874jjy5k1i.fsf@yahoo.com> References: Mime-Version: 1.0 Content-Type: text/plain Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="22846"; mail-complaints-to="usenet@ciao.gmane.io" User-Agent: Gnus/5.13 (Gnus v5.13) Cc: emacs-devel@gnu.org, Eli Zaretskii To: Stefan Kangas Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Wed Sep 13 14:35:53 2023 Return-path: Envelope-to: ged-emacs-devel@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1qgP60-0005is-Pi for ged-emacs-devel@m.gmane-mx.org; Wed, 13 Sep 2023 14:35:52 +0200 Original-Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qgP4p-0006Bq-0I; Wed, 13 Sep 2023 08:34:39 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qgP4m-0006BO-2a for emacs-devel@gnu.org; Wed, 13 Sep 2023 08:34:37 -0400 Original-Received: from sonic314-20.consmr.mail.ne1.yahoo.com ([66.163.189.146]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1qgP4i-0005F7-MH for emacs-devel@gnu.org; Wed, 13 Sep 2023 08:34:35 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1694608470; bh=eMxvjs9gnMaoCSWhfTu7B2RfkTGKzsBbjMMboiX7ens=; h=From:To:Cc:Subject:In-Reply-To:References:Date:From:Subject:Reply-To; b=gf9zY7QkS9+5twZxe7y3e8MeLdfTArpqQAInAleP2LKOv7j0cmOC8qdFUl7sx7i1KJeCvqqs8+lMlecJSQZxVbxQZtIiyhajMY7QlSslq1+I0SpBQ+R3RS2uybS+yVKaXueHBe9bar8dn8R9QDJSZczFBIGeUON/RVvezV2L8iYxF+TPB7jvip8leZ7iBKOAUCSTXYXa0FNPHupK/JhkuiOAf+5FpzHMTRcpvx6MpN/qLY1oFx8hZBrjy3ZKt2XEwQPNTkzGRbleI2EO8f+wPxD5r6HIZrZotYI41yS6/HAOvAx3uvO9Yp197+pBHZXjhdWD7HCcbRlQ1ntb+KwsHQ== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1694608470; bh=8rGMxkTD7+UqajaM0N57KUx+0iTkE3zGy2XgABv/LAy=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=SspVcZVKOJ3WMhDiDL2rlr3DN5Qwt7H7ASRj9uFNc3D05Io0r7pf7zT4VJHyssIJfjQMt8xgjWneoZnUJXWbNgfTu7/hfSb95xqovlIbs/ThTA7Dh1RLqjZx6Ri/N0JylMAxPoXe+qkml3PrZGhn9VTDc85RmSy0GJmvobyMwynipbYxATWeNBOuyGtM+E6tsAwqpyPxelJL48SInVz0c4An5aWM/Yd0+UbLK0lbLbkpeJHnGeGi3mlLBQDoVmhETRMMaTnDkjdq0p4r3BSduUsyiCKSLeZoWWsvFJKdDhxfirCuJrL5xlWrrf4SjPpr9xwt8h7Hb0MREjYzKVK5jg== X-YMail-OSG: sJHqkwUVM1ls2AmWKftKhADqlO9szqP0QZ5SLOJ6XgOy4HARbpug5npzOF19vn. YQDM_Tq7.Q96UXboaXWU0y6d06m8hxfqkRBLm7pRUVl8zx59Wppa36A9BwXnSf6HCusu6DxO6yXg aiIBDTWunOupX3CCNOW6HhZ.pzUxZYOijYbnD7wPEQQZkntvKrYC6dAUdlvbjCC9V374Fm5Lcd8V MQH3x_gzTQSaDC5TN0TTUi3aYBEF6KZXJH03N3Y2_2CmKwuBaAiVKDGDkApCr71lnpPcIRf4pewz 37Ksp73CzG3qJToXbrc5WTheYPqS2ddJ8XA0B9F_1QqEBc5DimfKKLUV5KZl26RHAVhzpoZvfmo7 31uydkLd_67e9lq1F8ZZw63wUn6i_nF36kpz._7VY3M0fSLuPDOntZv9CNyuAYuJiv5imIgQd55o bzx8ia7pCAVURMdrtjwDdjZH23z0dUW_T6Ab9Xac6hNRwJGcqNUa39ZSJxVMkQ0QrDWFZOi3xy03 hFmuvNRymYa1bu80_UOnmu5AXrf8mi06isgfJQxDnSn3pBeKtMPKbJLzlxPWYe_CazmT0Hwpg5G9 6npSXwn0anLkDVHEb5t.cbZJYdat7m04.T5F_hAliGhUSvUOVpaTVSEs9Win6v5DoONVLjK1yY.V qm1yBLvXRSCA45FskdcejLkvtb1rhrD.Ri8FEIX.3r_MeWqT6wQ4RFPGIqry4oNy1ygKCHYZlDdJ bgnrAIlWvp2oF2RemCJyfUvD14SS..3AzwfMkkywRrnuQQe78qziS4JCboBXrPWmo2Z8XPQT3bkO CdwbENkLaaRml.czDsuW2I8A6MGeZehYUH0E5Jgkrv X-Sonic-MF: X-Sonic-ID: 47686817-323f-4062-b2c6-aa95fb6af04a Original-Received: from sonic.gate.mail.ne1.yahoo.com by sonic314.consmr.mail.ne1.yahoo.com with HTTP; Wed, 13 Sep 2023 12:34:30 +0000 Original-Received: by hermes--production-sg3-69654d8bd-tsbjv (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID e0d0a4bc1ff4c2cd0b68840419cd8fd4; Wed, 13 Sep 2023 12:34:24 +0000 (UTC) In-Reply-To: (Stefan Kangas's message of "Wed, 13 Sep 2023 05:07:33 -0700") X-Mailer: WebService/1.1.21797 mail.backend.jedi.jws.acl:role.jedi.acl.token.atz.jws.hermes.yahoo Received-SPF: pass client-ip=66.163.189.146; envelope-from=luangruo@yahoo.com; helo=sonic314-20.consmr.mail.ne1.yahoo.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Xref: news.gmane.io gmane.emacs.devel:310544 Archived-At: Stefan Kangas writes: > 2. > > The justification for asking for the above permissions in (info "(emacs) > Android Environment") is: > > While most of these permissions are left unused by Emacs itself, > they are declared by Emacs as they could be useful for other > programs; for example, the permission to access contacts may be > useful for EUDC. > > I think this criteria should be changed. Instead of saying "one can > imagine something like EUDC to be using this", we should decide which > permissions to ask for based on criteria like "package supports > feature on Android, and it is highly useful". I think that is too high a bar, given that Emacs must be recompiled before it is capable of requesting permissions outside the set of permissions enumerated within its manifest. Which is to say, unless we declare these permissions from the outset, such packages will _never_ have a fighting chance of supporting Android. Most of our users will run Android 6.0 or later, where most of the permissions Emacs requests by default are in fact disabled until explicit action is taken to enable them. Removing these permission declarations is tantamount to impeding the development of user Lisp code just to assauge minor security concerns on decade-old installations of Android. These versions collectively amount to less than 2.17% of all Android installations. > 3. > > I don't understand why we ask for the following permissions, AFAIU on > all versions of Android: > > NFC > TRANSMIT_IR > > Are there any technical reasons to ask for them? If not, could they be > removed as well? NFC and IR transmission are tasks that someone might conceivably use Emacs to perform (for example, the other day I observed a package purporting to save ``smart cards'' into Emacs.) They're innocuous to such an extent that Android grants them to all requesting programs by default. Thanks.